CVE-2019-0835

EUVD-2019-1586
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory, aka 'Microsoft Scripting Engine Information Disclosure Vulnerability'.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4493475
1607 (x64, x86)
KB4493470
1703 (x64, x86)
KB4493474
1709 (arm64, x64, x86)
KB4493441
1803 (arm64, x64, x86)
KB4493464
1809 (arm64, x64, x86)
KB4493509
Windows 7
Service Pack 1 (x64, x86)
KB4493472
Windows 8.1
(x64, x86)
KB4493446
Windows RT 8.1
All
KB4493446
Windows Server 2008 R2
Service Pack 1 (x64)
KB4493472
Windows Server 2012
Standard
KB4493451
Windows Server 2012 R2
Standard
KB4493446
Windows Server 2016
Standard
KB4493470
Windows Server 2019
Standard
KB4493509
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0835
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0835